A broader range of security threats combined with increased regulatory and compliance demands has driven IT risk management to the operational level.
For most companies, IT is posing an unnecessary risk as organizations rely on enterprise computing for customer interaction and e-commerce, according to Greg Hughes, executive vice president of Symantec worldwide services and support.
Speaking at the Symantec Vision 2006 conference in Sydney yesterday, Hughes said risk management is one of the top spending priorities for CIOs in 2006.
He said there has been an exponential increase in the number of threats to enterprise systems, and comes on top of new regulatory demands.
"If you look at overall business risk it has traditionally been synonymous with financial risk, now increasingly it is about operational risk," Hughes said.
"This includes understanding what [is likely] to bring our operations down; the biggest driver of operational risk is business risk.
"Companies are trying to get a more complete understanding of business risk that doesn't just include IT."
As a result, Hughes has seen the emergence of an internal role focused on IT risk management.
He said because business operations depend on IT, all areas of risk need to be assessed not just a company's computing needs.
"You cannot just look at one area and understand your exposure," he added.
Delivering a keynote address, David Sykes, Symantec Pacific region vice president, said this new level of awareness isn't limited just to the enterprise.
He said consumers are starting to recognize they have a lot of digital assets that require protection.
Bill Robbins, Symantec Asia Pacific and Japan senior vice president, said the company spent $750 million last year on R&D to develop its products and allocates 15 percent of yearly revenue on R&D.
Robbins said the Asia-Pacific region is becoming a critical part of Symantec's global profits.
For example, he said the region was responsible for 13 percent of overall revenue in fiscal 2006 and this figure increased to 14 percent in the recent Q1results.
"While we are focusing on the enterprise today we must not [overlook] that 28 percent of Symantec's revenue [generation] takes place in the consumer environment," Robbins said.
"These 'digital mirages' between consumers and the enterprise side are coming together; we can benefit by having strengths on both sides."